RSA Archer is fantastic at cataloguing, personalizing assessments, raw reporting, and capacity to add custom fields. It is a little clunky around adding contextual information to notifications, peeking into data before attempting to load pages, quick navigation or determining linked (or sub-linked) relationships. These are all concerns that can either be worked around with an appropriate data scheme or with careful administration of the sub-routines.
OAM is designed to be scalable, and it can handle large-scale deployments with thousands of users and applications. It provides a centralized framework for managing access to web applications and resources, enabling organizations to define and enforce security policies across their entire IT environment. OAM offers a range of authentication and authorization mechanisms, including multi-factor authentication and OAuth-based authentication, making it suitable for organizations that need to meet different security and compliance requirements.
Integration capabilities to multiple enterprise systems
Control standards and Procedures to address multiple regulatory/authoritative sources, standards and frameworks enabling test once satisfy many requiremnts
Rapid application development and User friendly tool with configuration capability to customize easily without user requiring programming or coding skills
Oracle Access Management allows superior session management capabilities. It can maintain and terminate session states using access engine and endpoint cookies or security tokens.
It allows for automated single sign-on as well as protocol translation.
The suite allows for real-time fraud detection and prevention capabilities. This is especially useful where our applications are accessed by tens of thousands of users simultaneously.
The product could be improved by simplifying changing the master password. That is, if you change a password in one place, it would be good to automate changing the password for all the gateways so that change is less complicated.
It should be more Customizable for Customer Specific needs.
Oracle Access Management connects well with Oracle Database but doesn't work smoothly with Microsoft AD.
Good tool to get the information communicated, approval workflow, and easy to add new findings/questionnaires. Seems to be compatible with different browsers and little downtime. Only request for improvement is to add an export feature with fewer clicks. Maybe batch export.
Our RSA Archer team is dedicated to finding solutions for our organization. They haven't mentioned any issues with receiving support with deployment or bug fixes, and generally the platform is very dependable. They are always very excited about delivering a version upgrade and presenting any new features that provide more dashboards or chart types.
It has been roughly 5 years since I have seen Securevue, so a lot can change, but to me it felt like several products were purchased and an attempt was made to piece them all together into a single solution (and I believe that may have been true). It also required agents on endpoints which did not fit the model I believed customers were looking for. MetricStream appeared to be difficult to install as it took their own engineers some time to get it installed in my lab environment. I did not think their web interface was as intuitive as RSA Archer. Customization to the platform was possible to some degree, but required a lot more work and technical skills than required by Archer. I did like the landing page for MetricStream which called out the important action items for the current user, but Archer v6.X now has this feature.
Both are great products. From a technical point of view Oracle Access Management implementation is relatively simple due to the possibility to adjust the functionality and appearance of the system to the customer's needs. SAP is a robust product but not user friendly and more expensive. Overall cost and product functionality was what drove us to implement Oracle Access Management.
